Post navigation

Imagine you’re giving a presentation to the board of directors at your company. You have your PowerPoint slides all ready, you’re projecting onto a 64 inch screen… what could possibly go wrong?

Well, what would you do if your carefully composed presentation was replaced on the big screen by images of a naked woman? My guess is that you wouldn’t know where to put your laser pointer..

52-year-old Walter Powell used to be an IT manager at Baltimore Substance Abuse System Inc, until he was fired in 2009. Clearly someone who believed that revenge should be served red hot, Powell used his computer knowledge to hack into his former employer’s systems from his home and install keylogging software to steal passwords.

On one occasion, Powell took remote control of his former CEO’s PowerPoint presentation to the board of directors, and projected pornographic images on the 64 inch TV.

According to media reports, Judge M. Brooke Murdock gave Powell a two year suspended sentence, and ordered him to 100 hours of community service and three years’ probation.

Cases like this underline the importance of having a proper process in place when staff leave your company. That means changing passwords, and removing access rights when an employee’s time at your firm comes to an end.

People do, of course, leave jobs all the time and most of them would never dream of logging back in to their old place of work to cause trouble. But it only takes one disaffected former worker to wreak havoc – so make sure your defences are in place, and that only authorised users can access your sensitive systems.

46 comments on “Fired IT manager hacks into CEO’s presentation, replaces it with porn”

Having said that the IT Manager should know the system very well including any potential weak spots, if he knew he was for the chop he could have created a few to allow himself access even after company procedures.

How would changing passwords have helped in this case? Unless I read it wrong, he used a software keylogger to get the passwords. Change them and he can just steal the new ones, right? It doesn't even matter how "good" a password you use.

Every time I read one of these I wonder at how in the world it occurred to someone to break in and do something like this. I guess what I'm saying is that I'm more than technically capable of doing what this guy did, but I lack the ability to think up something like this. Now that you've put the idea in my head I can see very clearly how it might be accomplished, but I could never think up the idea. I guess I'm saying I am really proficient at the HOW of these things, but the what and why–not so much.

I think just not mistreating your employees is good enough. At my old work place, for someone they laid off just before her lifetime insurance benefits were about to kick in, when she asked how they could do their job with conscience, they coldly replied: well someone has to do it. At another place, I was tempted to SQL inject the database because the manager was a d-bag.

Personally, I applaud the ex-manager for doing it. I am 51-years old, and I was "fired" from a job similar to this for having a mild heart attack. Their insurance rates were going to shoot up, so they fired me about 2 months after my return, making all kinds of groundless excuses as to why I was being let go. I actually thought about wrecking havoc on their systems, but I've never knowingly broken the law, and I didn't want to start. I do give that manager a big high-five, though :D.

you are an idiot. there is something called at will employment where an employer can fire you for any reason or no reason at all. maybe you are lucky enough to work in a union for a city job and are fortunate enough to get paid overtime for sitting on your ass and feel secure. but for the majority of us don't have that privelage especially in the tech industry.

I feel for you man, had similar. Biker dropped a 600kg load on me from a forklift, was then pulled aside with management present and told "If we ever hear of this again we'll beat the shit out of you" 2 months off work and medical bills pilling up i tired to make a claim but between them and the insurance co, im not sure whos the biggest crook. Needless to say they came good on their word but was also stabbed.

Since then ive been retaining and earned 2 diplomas in engineering, this week went for one of the jobs i've long lusted after but after the legal team done their discovery decided the liability was to high with an existing condition.

Now im not sure where to go or what to do im under 30. I most certainly have the IT Skills to do this if not worse but my moral integrity precludes me. Worse is i have detailed explosives knowledge, Its a good thing im one of the good guys i guess.

Seriously, its not even worth it. if I’m reading the image correctly he was sentenced to 2years in jail. If he was that good of a “hacker” he wouldn’t have come in from his home ip (as stated). He should have piggy backed on other machines that he may have compromised in order to cover his tracks. Even doing it from a library would have been a better option.

Changing passwords?
What about a "correct procedure" to fire people – one that will leave them without resentment?
It would also be very interesting WHY he was fired in the first place. That might explain some special hatred for the CEO perhaps …

And after all, maybe he thinks it's been worthwile, even doing 2 years community service.

My guess is he wanted them to know who did it and he didn’t care about the consequences. OR like all people who are really, really angry, he didn’t think they would successfully prosecute him because his anger blinded him to reality.

You're giving most IT managers way too much credit. Very few IT managers I've worked with over the last 15 years would have a clue how to do this. Most of them are "MS Office" pros, can work a calendar and a smart phone and that's about it. CIO's and CEO's are even worse…

"Cases like this underline the importance of having a proper process in place when staff leave your company. That means changing passwords, and removing access rights when an employee's time at your firm comes to an end."

However, you first must make them bitter, ignore their problems, don't give them a good package when leaving… But hire a security consultant to sell you a technical solution to a human problem.

This is a good reason to do personality profiles on all new hires, and then also to treat everybody with respect. As a CEO I have to do the hated thing and fire someone occasionally. But this is always a last resort only after trying to fix the problem first. All firings have supportable misbehavior or poor performance well documented before we get to the point of firing. Truth is none of us need anymore enemies out there.